CVE-2008-3139

Description

The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

How to fix CVE-2008-3139

To remediate CVE-2008-3139, upgrade the affected package to a fixed version below.

• Debian/wireshark—upgrade to 1.0.1-1 or later

Is CVE-2008-3139 being exploited?

Low — EPSS is 1.3%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 1.0.1-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-3139